Title | ||
---|---|---|
DTB-IDS: an intrusion detection system based on decision tree using behavior analysis for preventing APT attacks |
Abstract | ||
---|---|---|
Abstract Due to rapid growth of communications and networks, a cyber-attack with malicious codes has been coming as a new paradigm in information security area since last few years. In particular, an advanced persistent threats (APT) attack is bringing out big social issues. The APT attack uses social engineering methods to target various systems for intrusions. It breaks down the security of the target system to leak information or to destroy the system by giving monetary damages on the target. APT attacks make relatively simple attacks such as spear phishing during initial intrusion but a back door is created by leaking the long-term information after initial intrusion, and it transmits the malicious code by analyzing the internal network. In this paper, we propose an intrusion detection system based on the decision tree using analysis of behavior information to detect APT attacks that intellectually change after intrusion into a system. Furthermore, it can detect the possibility on the initial intrusion and minimize the damage size by quickly responding to APT attacks. |
Year | DOI | Venue |
---|---|---|
2017 | 10.1007/s11227-015-1604-8 | The Journal of Supercomputing |
Keywords | Field | DocType |
Advanced persistent threats (APT),Behavior analysis,Decision tree,Intrusion detection | Decision tree,Intrusion,Phishing,Computer science,Computer security,Information security,Social engineering (security),Anomaly-based intrusion detection system,Intrusion prevention system,Intrusion detection system | Journal |
Volume | Issue | ISSN |
73 | 7 | 1573-0484 |
Citations | PageRank | References |
8 | 0.49 | 12 |
Authors | ||
4 |
Name | Order | Citations | PageRank |
---|---|---|---|
Daesung Moon | 1 | 10 | 2.57 |
Hyungjin Im | 2 | 11 | 2.25 |
Ikkyun Kim | 3 | 62 | 9.02 |
Jong Hyuk Park | 4 | 1661 | 193.82 |